Facebook's data problems deepen: How to fortify your account 2.0

Updated Sept. 28, 2018: Attackers stole information that could give them access to nearly 50 million Facebook accounts, the social network announced Friday. Facebook said hackers exploited the "View As" feature, which allows users to see what their profile looks like to other people, to steal login data. Facebook is resetting access tokens for another 40 million people, so altogether, 90 million people will have to log back into Facebook.

The company said it has fixed the vulnerability, notified police and turned off the "View As" feature.

These changes don't mean you shouldn't take steps to protect yourself in the wake of all the headlines. There are reasons to worry about social network breaches. Scammers can use information gleaned from social profiles to, for instance, answer the security questions protecting your bank account or commit identity theft. You can find tips for getting ahead of fraud in the wake of a hack here.

Fortunately, there are steps you can take on Facebook to protect yourself.

1. Control your permissions

We asked Adam Levin, chairman and founder of CyberScout, an identity protection company, and author of "Swiped," for tips on how to protect you Facebook data.

Facebook allows you to control how apps use your information, Levin said. Go to Facebook settings, then apps. Here you can check the permissions you grant apps to access your information, including your friends list and email address.

Check each apps' permissions. They can get extensive. For example, an app I installed, Bandsintown, has access to my profile, friends list, location, likes, email and songs I listened to in other music apps. Any app that uses your Facebook login will get access to some personal data, from Candy Crush (public profile, friends list, email) to Farm Heroes (profile, friends list, email) to Spotify (profile, friends list, birthday, hometown, email).

You can also remove apps that look suspicious or that you don't use and, under "Apps, Websites and Plugins," choose to disable your Facebook login for plugins, games and outside websites.

2. Check privacy settings

You can change your privacy settings to minimize how much information you expose to the world. Under privacy settings, you can control who sees your posts, who sees your friends list and whether people can find your profile using your email, phone number or a search engine. You can adjust the settings so only your friends can see your posts and only you can see your friends list.

3. Scrutinize future apps

Always be careful installing Facebook apps, Levin said. They may contain malware or misuse your data. If you do use apps, make sure they're from companies you trust.

4. Other things to check

Here's a potpourri of things you may want to shore up while you're in settings.

• Security and login: Make sure you're using a strong password and two-factor authentication to protect your account.

• Timeline and tagging: You may be careful about what you post on your own timeline, and you can control who sees that here, but your friends may not be as careful about what they post. These settings allow you to set who can see posts you're tagged in. You may also want to activate "review," which lets you check posts you're tagged in before they appear on your timeline.

• Blocking: Here's where you can get specific. Blocking allows you to control your individual interactions with people on Facebook. You can set whether specific people can see posts, invite you to join apps or attend events. You can also block apps and pages.

• Lock down your browser: There are several browser extensions that can protect your privacy while you're online. A big one is an ad blocker, which not only does what it says, but can help control where your data goes while you're browsing. Lifehacker has a good roundup of privacy extensions here.

5. Read up

If you're truly concerned about your data, you may want to dive into Facebook's privacy policy. They have released a new one in the wake of the data scandal. The company lays out what information it collects, how it uses information and how you can manage your information. If you're uncomfortable with what you learn, you may want to reconsider whether you want to use the service at all.

How to delete Facebook

Since the Cambridge Analytica news broke, many people have reconsidered whether they want to use Facebook at all. It's pretty easy to delete. You can just click here.

There are some caveats: You won't be able to reactivate your account after doing this. You won't be able to get anything you've uploaded either, so you may want to download a copy of your posts and photos first. (You're given this option when you go to delete your account.) It will also take up to 90 days, according to Facebook.

Europe has a "Right to be forgotten" that allows people to ask Google to remove their name from search results. We don't. Until then, users of services like Facebook can exert pressure on companies and regulators to better protect their private data, Levin said.

Post carefully

And we should all be more mindful of the information we put out there, Levin said.

"You have to be more alert," he said. "You have to understand the ramifications of what you post and where you post it."

We love being able to share pictures of our kids and update our friends about new cars or jobs, but all that information is the product social media networks sell. Cambridge Analytica may have broken some Facebook rule in obtaining your data, but Facebook already markets that data to advertisers to make money.

We all have to recognize that we are the product, Levin said, and take the proper precautions. If not, there are other, more analog ways to share, he said: "Get a journal."

Yes, we have to include some legalese down here. Read it larger on our legal page. Policygenius Inc. (“Policygenius”) is a licensed independent insurance broker. Policygenius does not underwrite any insurance policy described on this website. The information provided on this site has been developed by Policygenius for general informational and educational purposes. We do our best efforts to ensure that this information is up-to-date and accurate. Any insurance policy premium quotes or ranges displayed are non-binding. The final insurance policy premium for any policy is determined by the underwriting insurance company following application. Savings are estimated by comparing the highest and lowest price for a shopper in a given health class. For example: for a 30-year old non-smoker male in South Carolina with excellent health and a preferred plus health class, comparing quotes for a $500,000, 20-year term life policy, the price difference between the lowest and highest quotes is 60%. For that same shopper in New York, the price difference is 40%. Rates are subject to change and are valid as of 2/17/17.